Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cisco, AMD and Intel Make Life Hard on Attackers

With automated network access control, policy enforcement can become a pillar of network security, an attractive proposition as network perimeters stretch to incorporate clients in far-flung locations. The idea is to let client software communicate with the router to enable or disable network access. Centralized control of security packages will let managers build a rational system that can keep malicious code outside the perimeter.

Both the Intel and AMD CPU permission-bit technology and NAC extend the trust relationship from systems down to individual software and hardware components. Malicious code is kept from the CPU, while client systems must be configured to be considered trustworthy.

Two large issues loom. First, both NAC and CPU permission-bit technology require upgrades to systems and applications--the protection isn't automatic. Second, having closed these doors, organizations could face other vulnerabilities--attackers may shift their attention to Web applications and databases.

Cisco, AMD and Intel--along with their software partners--have created a compelling road map for improving security. Following the map will involve significant development and deployment challenges for both vendors and IT organizations, but these are steps in the right direction.